package com.idress.action;

import org.apache.catalina.servlet4preview.http.HttpServletRequest;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import java.util.Map;

@Controller
public class LoginAction {

    @RequestMapping("/login")
    public String login(HttpServletRequest request, Map<String, Object> map) throws Exception{
        return "login";
    }

    @RequestMapping("/403")
    public String unauthorized(HttpServletRequest request, Map<String, Object> map) throws Exception{
        return "403";
    }

    @RequestMapping("loginAction")
    public String loginAction(String code, String password, Model model){
        //该方法可以将用户密码根据配置的加密方式加密
        UsernamePasswordToken token = new UsernamePasswordToken(code,password);
        Subject subject =  SecurityUtils.getSubject();
        String msg="";
        try {
            subject.login(token);
            return "index";
        } catch ( UnknownAccountException e ) {
           msg = "账号不存在";
        } catch ( IncorrectCredentialsException e ) {
            msg = "密码错误";
        } catch ( LockedAccountException e ) {
            msg = "账号被锁定";
        }catch ( DisabledAccountException e ) {
            msg = "账号被禁用";
        } catch ( ExpiredCredentialsException e ) {
            msg = "凭证过期";
        } catch(ExcessiveAttemptsException e){
            msg = "登录失败次数过多";
        }
        model.addAttribute("msg",msg);
        return "login";
    }

    //需要登录才有权限
    @RequestMapping("/userInfo/userList")
    public String userList(){

        return "userinfo";
    }

    //需要admin才有权限
    @RequestMapping("/userInfo/userAdd")
    public String userAdd(){

        return "userinfoAdd";
    }

    //admin也没有权限
    @RequestMapping("/userInfo/userDel")
    public String userDel(){

        return "userinfoDel";
    }
} 